Skip to main content

Fake Crypto Wallet Apps Slip Into Apple’s App Store, Target Users’ Funds

 

A new wave of malicious iOS applications has been uncovered on Apple’s App Store, disguising themselves as legitimate cryptocurrency wallets to steal users’ sensitive data. The campaign, identified by cybersecurity researchers at Kaspersky and dubbed FakeWallet, has reportedly been active since at least late 2025.

According to the findings, at least 26 fraudulent apps were distributed through the platform, impersonating popular crypto wallet services. These apps used cloned logos, familiar branding, and slight variations in names to appear authentic and rank in search results. Their primary goal was to trick users into entering their recovery phrases critical credentials that grant full access to cryptocurrency funds.

The campaign appears to have been particularly active in regions like the Chinese App Store, where restrictions on official crypto apps create a gap that malicious actors can exploit with convincing imitations.

Fake website impersonating Ledger
Source: Kaspersky
After being alerted, Apple removed several of the identified apps from the App Store. However, the company has not publicly commented on how the apps bypassed its review process or what additional measures may be taken to prevent similar incidents in the future.

The discovery highlights ongoing risks in the cryptocurrency space, especially for users who rely on mobile apps to manage digital assets. Experts advise downloading apps only from verified developers and remaining cautious of any application requesting sensitive recovery information.

Seed phrase phising screen
Source: Kaspersky




Labels:

Popular posts from this blog

ChatGPT-5 Is Powerful and Fast, But It Can’t Replace Software Engineers!

  As someone who’s been following tech closely for over a decade, I’ve seen countless innovations come and go but few have stirred as much excitement and debate as ChatGPT. ChatGPT has developed, and launch ChatGPT 5, it genuinely seems that the enhancements have significantly slowed down. Previous iterations led to significant advancements in AI capabilities, particularly in assisting with coding. However, the enhancements now seem minor and somewhat gradual. It feels as though we’re experiencing diminishing returns in the extent to which these models improve at truly substituting real coding tasks. The vast majority of people say that AI is going to replace software engineers very soon. Yes, AI can perform simple activities and support routine activities, but where there are intricate things like planning the system, tackling more challenging problems, grasping actual business needs, and collaboration with others, it hasn't been able to catch up yet. T hese require creativity...
Read more

A Simple PDF Tool Outpaced Giants by doing the basics faster, cleaner, and better than anyone else.

  I am going to break down the story of a tool that I'm willing to bet you've used, but whose incredible business journey you probably know nothing about. Honestly, this is a master class for any founder looking to build something valuable from scratch. I am calling it the Bootstrapper’s Playbook. A Wild Reality Check Let’s just start with a wild fact. There's a website out there, a deceptively simple one, that in places like India pulls in more traffic than Amazon. I'm serious. Millions and millions of people rely on it every single day. Any guesses? It's iLovePDF. If you've ever needed to quickly merge, split, or compress a PDF file, you've almost definitely landed on this site. But what most people have no idea about is how this massive global platform was built. And that is where the real story begins. Born from Frustration So, let's go all the way back to the beginning. Because this whole thing wasn't born from some grand business plan or a fanc...
Read more

Security Flaw in India's Income Tax Portal Exposes Sensitive Taxpayer Data

A major security vulnerability in India's income tax filing portal has been fixed, TechCrunch reported. The flaw, discovered by security researchers Akshay CS and "Viral" in September, allowed logged-in users to access real-time personal and financial information of other taxpayers. This included sensitive details such as full names, home addresses, email addresses, dates of birth, phone numbers and bank account information. Exposed Aadhaar numbers of individuals The security flaw in the income tax filing portal also exposed Aadhaar numbers, a unique government-issued identification number used for identity verification and accessing government services. TechCrunch verified the data by allowing researchers to search its records on the portal. The researchers confirmed on October 2 that the vulnerability had been patched. Discovery process Researchers found bug while filing tax returns The researchers found the security flaw while filing their recent income tax return on...
Read more